When emerging technology creates far-reaching and rapid change, it can also bring new risks. Understanding and mitigating them will help to build confidence.

Today’s rapid pace of technological innovation, from AI to blockchain, is impacting business models and processes. Traditional means of assurance – such as corporate governance, board meetings, financial statements, internal and external audits – will need to take into account new factors to remain relevant and build confidence among stakeholders.

Often legal and regulatory frameworks haven’t kept pace with digital transformation, and organizations are seeking guidance. This challenge is exacerbated by the speed at which technological change is occurring and the breadth of its adoption – which is introducing new risks that demand new responses.

Emerging technologies can provide improved accuracy, better quality and cost efficiencies for businesses in every sector. They can enhance trust in the organization’s operations and financial processes, which is crucial for sustainable success. But this can produce a paradox: the very solutions that can be used to better manage risk, increase transparency and build confidence are often themselves the source of new risks, which may go unnoticed.

(Chapter breaker)

1

Chapter 1

Adopting artificial intelligence intelligently

AI offers new ways to build trust, but can also make businesses vulnerable to new risks.

When applied to some audit processes, AI can support greater accuracy and quality, providing consistent reasoning with precision and objectivity. Significantly, the automation and efficiency brought by AI technology allow the analysis of a full population of data instead of a sample, enhancing confidence in the results.

Machine learning – a form of AI where computer algorithms improve over time – can help provide a better predictive analysis of fraud. For a number of years, machine learning has successfully detected credit card fraud. Banks use systems that have been trained on historical data to monitor payments for potential fraudulent activity and block suspicious transactions.

AI, and machine learning in particular, can also play an important role in anti-money laundering programs in areas such as the monitoring of suspicious activities and transactions. With the increasing complexity of threats and the growing volume of data to analyze, this use is only expected to grow.

While AI can help build trust, however, it also carries a range of new risks – both operational and financial. AI systems rely on large volumes of data, and handling it may pose regulatory risks relating to data privacy, opening up vulnerabilities to data leaks and cyber-attacks – and the ensuing reputational risk. Bias issues with initial training data or programmatic errors contained in the algorithm could also compromise AI process outputs.

To mitigate these risks and maximize their potential benefits, businesses looking to adopt AI should develop the right governance and apply a framework to provide trust and confidence. Actions should include:

Verifying training data to remove bias

Understanding how AI technologies are being applied within the organization, as all the components embedded within the AI system need to be governed and protected

Establishing ethics boards to provide advice on the implications of AI development

Evaluating the effectiveness of the governance model

Making the use of AI ethical, unbiased, transparent and secure will help to earn trust and drive further adoption.

Related article

(Chapter breaker)

2

Chapter 2

Finding the key to trust blockchain

A technology promising to create trust carries potential risks that could undermine it instead.

Like AI, blockchain has seen rapid adoption in a number of industries and functions. Blockchain’s ability to create an immutable, transparent and secure record of transactions and data, governed by a consensus, removes the need for central aggregators or intermediaries. It allows immediate reconciliation, improves the integrity of data and generates trust because it allows participants to provide increased transparency to stakeholders and gain control of their own operations in a digital environment.

But blockchain can also create new risks. As with any digital system, code integrity is vital to create trust in the platform, and cybersecurity is an inherent risk in a weak code.

There are also more macro-scale challenges to implementing blockchain solutions, such as a lack of standardization in protocols, and inconsistent regulation and legislation. Risks can also originate off-platform – if the information on the blockchain comes from activities outside the blockchain, how can the originating transaction be verified?

To mitigate such potential financial and operational risks from blockchain, participants must:

Follow best practice in internal control frameworks, focusing on safeguarding assets, existence, rights and valuation

Evaluate IT risk, including cybersecurity, smart contracts, access rights and program change

Leverage trusted independent parties to review and report on process, and work towards building in trust by design.

To build trust in the blockchain, it will be essential for companies to gain independent visibility of the data, the transacting parties and the transactions recorded on the ledger.

Even though blockchain can create trust, it does not remove the need for assurance in the process itself, nor in the performance and financial outcomes.

Related article

(Chapter breaker)

3

Chapter 3

The human factor in Digital Trust

A good tool used badly – without understanding the risks – has been the downfall of many good ideas. How can we help new technologies preserve confidence?

There is one risk common to both AI and blockchain – the over-reliance businesses may place on these two technologies.

Even though both AI and blockchain can help build trust and confidence, relying on technical features such as automation, algorithms and encryption, they still require a large degree of human oversight.

The extent to which the mitigating actions are successful will largely depend on humans and on their judgment. To mitigate potential risks and maximize potential benefits, you should focus on:

Finding and developing the right skillsets and mindsets: New technologies will be sophisticated and, in many cases, require a steep learning curve even for experienced staff. Acquiring the right capabilities, whether by hiring or training, will be critical. Throughout your organization, you’ll also need to develop increased risk awareness and a shared sense of responsibility to identify and respond to emerging threats and opportunities.

Looking at buy vs build strategies: How do you best implement new technologies? Do you build these capabilities in-house, or look to third parties, partnerships, or acquisitions to bring in these capabilities from the outside? You may need to rethink your approach to mergers and acquisitions to make the right decisions.

Identifying appropriate success metrics: While some traditional business analysis approaches will remain, the transformative age may require a rethink on how you measure success. One approach that organizations could consider is looking not only at what new technology programs have delivered, but also what they should have delivered – and how their performance ultimately conforms to those expectations.

To be successful, businesses need to adopt new ways of working to mitigate technology’s risks. Trust in the digital age can be both built and compromised by emerging technologies – and the outcome will ultimately depend on the quality of human decisions.

Summary

New technology can improve accuracy and quality, helping to enhance trust in operations and financial processes. Yet technological advances such as AI and blockchain can also bring new risks that may go unnoticed, such as in data handling, which may lead to reputational risk, and programmatic errors or bias. To mitigate the risks and maximize the potential of digital transformation, businesses may want to develop governance frameworks.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.

EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax, or other professional advice. Please refer to your advisors for specific advice.

Welcome to EY.com

In addition to cookies that are strictly necessary to operate this website, we use the following types of cookies to improve your experience and our services: Functional cookies to enhance your experience (e.g. remember settings), Performance cookies to measure the website's performance and improve your experience, Advertising/Targeting cookies, which are set by third parties with whom we execute advertising campaigns and allow us to provide you with advertisements relevant to you, Social media cookies, which allow you to share the content on this website on social media like Facebook and Twitter.

You may withdraw your consent to cookies at any time once you have entered the website through a link in the privacy policy, which you can find at the bottom of each page on the website.